March 22, 2016
Photo - Dr. Amirudin Abdul Wahab, CEO of CyberSecurity Malaysia.
Following the announcement of this year' drill to test the capability of Computer Security Incident Response Teams (CSIRT) in the Asia Pacific region, national agency CyberSecurity Malaysia has urged local organisations to conduct their own drills.
Dr Amirudin Abdul Wahab, chief executive officer of CyberSecurity Malaysia, confirmed that the Asia Pacific Computer Emergency Response Team (APCERT) has successfully completed its annual drill to test the response capability of leading CSIRTs from the Asia Pacific economies.
In addition, for the fifth time, APCERT also involved the participation of members from the organisation of the Islamic Cooperation - Computer Emergency Response Team (OIC-CERT) in this drill, said Dr Amirudin.
Themed 'An Evolving Cyber Threat and Financial Fraud', the 2016 edition of the exercise reflected real incidents and problems that exist on the Internet, he said, adding that the scenario for this year simulated a contemporary cyber threat designed to defraud individual and financial institutions.
Throughout the exercise, the participating teams activated and tested their incident handling arrangements, said Dr Amirudin.
This drill included the need to interact both locally and internationally, with CSIRTs/CERTs and victim organisations, for the coordinated suspension of malicious infrastructure, analysis of malicious code, as well as notification and assistance to affected entities.
This incident response exercise, which was coordinated across many economies, sought to validate the enhanced communication protocols, technical capabilities and quality of incident responses that were needed to maintain Internet security and safety.
He said 26 CSIRT teams from 20 economies (Australia, Bangladesh, Brunei Darussalam, People's Republic of China, Chinese Taipei, Hong Kong, India, Indonesia, Japan, Korea, Lao People's Democratic Republic, Macao, Malaysia, Mongolia, Myanmar, New Zealand, Singapore, Sri Lanka, Thailand and Vietnam) of the APCERT participated in the drill. From the external parties, CSIRT teams from 6 economies (Egypt, Morocco, Nigeria, Oman, Pakistan and Tunisia) of the OIC-CERT participated.
Deputy chair of APCERT
"CyberSecurity Malaysia is also the Deputy Chair of APCERT," Dr Amirudin said. "We have been actively involved in the drill and it has become our annual exercise."
"Through Malaysia Computer Emergency Response Team (MyCERT), we played the role as a Player and managed incident response of the scenario received by the playing teams," he said. "Our active involvement in APCERT Drill has helped to increase our skills, expertise as well as the process improvements of incident response and handling."
Dr Amirudin said that organisations, particularly in the critical national information infrastructure space, should conduct their own cyber drills within their industries and sectors on a periodic basis, focusing on the current threats that particularly target their industries.
APCERT was established by leading and national Computer Security Incident Response Teams (CSIRTs) from the economies of the Asia Pacific region to improve cooperation, response and information sharing among CSIRTs in the region. APCERT Operational Members consist of 28 CSIRTs from 20 economies.
OIC-CERT was established in January 2009, to provide a platform for member countries to explore and to develop collaborative initiatives and possible partnerships in matters pertaining to cyber security that shall strengthen their self-reliant in the cyberspace. OIC-CERT consists of 33 CERTs, cyber security related agencies and professional from 20 economies.